ffa7bc48e707b1e7393d0319afa066e1_JaffaCakes118

General

Target

ffa7bc48e707b1e7393d0319afa066e1_JaffaCakes118
Size

109KB
MD5

ffa7bc48e707b1e7393d0319afa066e1
SHA1

84484df85d087fe3590b80c183895d99b457fefe
SHA256

b0d5673016d4d2daae71478703eb9d12d75e35d23a17147a2f47e71663950eb7
SHA512

f0e70aa57ea7dc4275568c4af7cad1e4af9868c89a92aa19e1d47f93d40e04e0bcd004b1b2bcc8cfdcbd9dd99e10bd24f9ced1ee20707cdad047775f6985c326
SSDEEP

3072:NAmBccVLShIBTySRt3F97wIXk1tQcGyG2AVZc19:NAm1LSAyaZF97wIU1tQu1AV0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa7bc48e707b1e7393d0319afa066e1_JaffaCakes118

Files

ffa7bc48e707b1e7393d0319afa066e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0465bc74b2a4ff2e458bd1ba07eec52d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoUninitialize
CoCreateInstance

dbghelp

SymRegisterFunctionEntryCallback
SymCleanup

user32

SetWindowLongW
ReleaseDC
LoadStringW
GetWindowRect
GetWindowLongW
GetThreadDesktop
GetSystemMetrics
GetSysColor
GetDlgItem
GetDesktopWindow
EndDialog
EnableWindow
CloseDesktop

advapi32

RegQueryValueExW
RegOpenKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW

kernel32

UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
PeekConsoleInputW
LocalFree
VirtualAlloc
LoadLibraryA
LCMapStringW
LCMapStringA
InterlockedExchange
HeapReAlloc
HeapCreate
HeapAlloc
VirtualFree
VirtualQuery
lstrcmpiW
lstrlenW
LoadLibraryW
GetCurrentProcess
AllocConsole
ExitProcess
FatalAppExitW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoW
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA

Exports

Exports

FreeMem
WGLGetDevice

Sections

.text
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

skhjizp
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0465bc74b2a4ff2e458bd1ba07eec52d

Headers

File Characteristics

Imports

ole32

dbghelp

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 92KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 36KB

skhjizp Size: - Virtual size: 4KB

.text
Size: 90KB - Virtual size: 92KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 36KB

skhjizp
Size: - Virtual size: 4KB